Monitor Alert

The Monitor Alert object triggers a Policy when new System Center Operations Manager alerts are generated, or when existing System Center Operations Manager alerts are updated, according to filter criteria that you specify.

How it is used

Use the Monitor Alert object to trigger a diagnostic and corrective Policy that responds to critical alerts in your network.

Configuration

To configure the Monitor Alert object you need to know which System Center Operations Manager server you will use and the properties of the alerts that will trigger this object.

Details tab

 

Connection	Click the ellipsis button (...) and select the System Center Operations Manager connection that this object will use.
New alerts	Trigger the Policy when new System Center Operations Manager alerts are created.
Updated alerts	Trigger the Policy when existing System Center Operations Manager alerts are updated.
Filters	The list displays all System Center Operations Manager alert filters that you have configured. To edit or remove a filter, select the item and click Edit or Remove respectively. To add a filter, see the instructions below.

To add a filter:

1.	Click Add. The Add Filter dialog appears.

2.	From the Field drop-down list, select the field that you want to search in.

3.	From the Relation drop-down list, select the type of relation that you want to use in your search.

4.	In the Value field, type or select the value that will be compared to the item that you selected from the Field drop-down list and click OK. The filter is added to the list.

Filter Behavior for the Monitor Alert object

The Monitor Alert object uses filters to determine which properties of an alert will trigger the Policy. Each part of the alert is compared to the values of the filter to determine if they meet the criteria before triggering the Policy. When matching against text fields, the filter allows you to select three different methods of comparison. An option is provided to either match or not match the filter using each method. The following describes how each filter method behaves; the “Does not” version of each method type causes alerts that do not match the filter to trigger the Policy.

•	Equals – The property of the alert must match the text specified in the filter exactly.

•	Contains – The property of the alert must contain the exact text specified in the filter. Unlike the Equals behavior, there can be other text surrounding the matching text.

•

Matches Pattern – Use wildcards to specify a pattern that the text must match. The two wildcard values are the asterisk (*) and the question mark (?). The behavior of the wildcards is similar to the Windows Command Prompt. The asterisk will match any number of characters, while the question mark will only match one character. For example, if you have a filter specified as “a*b”, the pattern would match any text that has an “a” at the beginning and a “b” at the end. So, it will match “aab”, “abbbbbb”, and “abbcb”, but it will not match “ba” or “abba”. Using the question mark, if you have a filter specified as “a?b”, the behavior would be that the pattern will match any text that has an “a” at the beginning, any single character in the middle, and “b” at the end. So this filter will match “a b”, “abb”, and “aqb”, but it will not match “abbb” or “ab”.

Available Published Data

 

Name	Description
AlertCount	The number of monitoring alerts that were found.
Category	The category name of the Management Pack.
Connection	The connection string to the System Center Operations Manager server that you are using.
ConnectorId	The ID of the connector that generated the connection string.
ConnectorStatus	The status of the connector.
Context	The System Center Operations Manager context of the alert.
CustomField1	The value of the 1st custom field.
CustomField2	The value of the 2nd custom field.
CustomField3	The value of the 3rd custom field.
CustomField4	The value of the 4th custom field.
CustomField5	The value of the 5th custom field.
CustomField6	The value of the 6th custom field.
CustomField7	The value of the 7th custom field.
CustomField8	The value of the 8th custom field.
CustomField9	The value of the 9th custom field.
CustomField10	The value of the 10th custom field.
Description	The description of the alert.
Domain	The domain that the alert came from.
Id	The unique ID of the alert.
IsMonitorAlert	Indicates whether the alert is a monitor.
LastModified	The date that the alert was last modified on.
LastModifiedBy	The user that last modified the alert.
LastModifiedByNonConnector	Indicates whether the last modification was performed by a non-connector.
MaintenanceModeLastModified	The time that the monitor’s maintenance mode was last changed.
ManagementGroup	The Management Group that the alert belongs to.
ManagementGroupId	The ID of the Management Group.
MonitoringClassId	The monitoring class ID of the alert.
MonitoringObjectDisplayName	The display name of the System Center Operations Manager monitoring object.
MonitoringObjectFullName	The full name of the System Center Operations Manager monitoring object.
MonitoringObjectHealthState	The health state of the System Center Operations Manager monitoring object.
MonitoringObjectId	The ID of the System Center Operations Manager monitoring object.
MonitoringObjectInMaintenanceMode	Indicates whether the System Center Operations Manager monitoring object is in maintenance mode or not.
MonitoringObjectName	The name of the System Center Operations Manager monitoring object.
MonitoringObjectPath	The path of the System Center Operations Manager monitoring object.
MonitoringRuleId	The ID of the System Center Operations Manager monitoring rule.
Name	The name of the alert.
NetbiosComputerName	The Netbios computer name of the computer where the alert came from.
NetbiosDomainName	The Netbios domain name of the domain where the alert came from.
Owner	The owner of the alert.
Parameters	The parameters of the alert.
PrincipalName	The principal name of the computer that the alert was created for.
Priority	The priority level of the alert.
ProblemId	The problem ID of the alert.
RepeatCount	The number of times that the alert has been repeated.
ResolutionState	The resolution state of the alert.
ResolvedBy	The user that resolved the alert.
Server	The name of the System Center Operations Manager server.
Severity	The severity level of the alert.
SiteName	The site name of the alert.
StateLastModified	The time that the alert state was last changed.
TicketId	The ticket ID of the alert.
TimeAdded	The time that the alert was added to System Center Operations Manager.
TimeRaised	The time that the alert was raised.
TimeResolutionStateLastModified	The time that the resolution state of the alert was last changed.
TimeResolved	The time that the alert was resolved.
Username	The user name that was used to access the System Center Operations Manager server.

Common Published Data

	Popup